Nils Walter

Want to analyze your single-cell data, but don't like to deal with code? 🧬 Good news: CellWhisperer now runs on your MacBook! 💻 Get your single-cell AI assistant running in under 5 minutes.⏱️ Made with ❤️ @BockLab

Relational Foundation Models face a scaling problem: diverse training datasets are rarely public due to privacy constraints 🔒. 🚀 We are excited to introduce "PluRel": a framework that synthesizes diverse multi-table relational databases from scratch, unlocking scaling laws for RFMs. 🧵 Kudos to the amazing collaborators at @StanfordAILab @Kumo_ai_team , and @SAP : @_rishabhranjan_ @VHudovernik @vijaypradwi @johanneshoffart @guestrin @jure

I’ve been reflecting on the fragility of current AI deployments and why the industry's reliance on detectors and reactive red-teaming is failing to address the root causes of insecurity. It is becoming clear that as we attempt to move from simple chatbots to fully autonomous agents, the common 'security will sort itself out' mindset is a liability that no amount of superficial guardrails can fix. I wrote up some thoughts on why we need to stop patching symptoms and start mandating principled, secure-by-design architectures if we actually want to achieve safe, auditable integration. iliaishacked.substack.com/p/some-thought…

Our work will be presented on 4th December (tomorrow) between 11am - 2pm at NeurIPS in San Diego. Where? - Exhibit Hall C,D,E Poster No - #4004 @yashYRS and I will be presenting our work! Please drop by our poster to know the answer! @mhahn29

The full paper is available on arXiv: arxiv.org/pdf/2510.21057. A minimal implementation will be made available on GitHub soon: github.com/nilspwalter/sic.

SIC in summary: • embarrassingly simple + preserves a lot of utility • cheap (just a few LLM calls + string ops) • model-agnostic: you can drop it in front of any tool-using agent Is it perfect? No. Very strong adaptive attackers can still occasionally get through by hiding malicious intent as something that looks like harmless system logs or workflow notes — we show these failures in the paper. But in practice, SIC makes prompt injection a lot less reliable without wrecking its usefulness.

It is notoriously hard to defend LLMs against prompt injections. Most defenses show good performance on static benchmarks but fall apart against stronger adaptive attackers. In our latest work, we present an almost embarrassingly simple defense that delivers ~3× better robustness against the strongest adaptive prompt injection attacks to date - while keeping utility degradation acceptable. Joint work with @csitawarin, Jamie Hayes, @davidstutz92, @iliaishacked.

🚀 The next EfficientML talk ⬇️ 🧑‍🔬 The Uncanny Valley: Exploring Adversarial Robustness from a Flatness Perspective by Nils Philipp Walter & Linara Adilova 📅 11 Nov 2024 🕔 5pm CET Discover a curious twist in adversarial attacks! 🔗 arxiv.org/abs/2405.16918

Full paper and code now available! 😊 Follow the link to find out how we discover causal networks from data that arrives in episodes over time. 🌐 eda.rg.cispa.io/continent

Will be at #ICML2024 this week, together with @schaschaxu and @drjilles. Excited to present our (spotlight) paper on discovering exceptional subgroups. Happy to chat about explainability, ML4Science, robustness, and neuro-symbolic ML. Paper: openreview.net/forum?id=AG45X…

For more details check out the full paper: openreview.net/forum?id=AG45X…. We make the code publicly available on GitHub github.com/nilspwalter/sy…. Additionally, we provide a demo to give you an easy start to analyze your own data. 🧵7/7

Syflow’s framework seamlessly allows to analyze tabular data as well as image data. Here, for example, Syflow discovers subgroups in the MNIST dataset. 🧵6/7

🚨Our paper ”Learning Exceptional Subgroups by End-to-End Maximizing KL-divergence” received a spotlight at #ICML2024!🎉 Thank you @schaschaxu, @drjilles and Janis for this incredible collaboration. #ML4Science #interpretability #neurosymbolic 🧵1/7 openreview.net/forum?id=AG45X…